Question 1

What is CVE-2022-45476 — CVE-2022-45476?

Accepted Answer

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.

Question 2

What is the authoritative source for CVE-2022-45476?

Accepted Answer

CVE-2022-45476 (CVE-2022-45476) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	9.8 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS	0.98% probability of exploitation · percentile 57.6% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-45476CVE-2022-45476

Description

Scoring